Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0552 — HP Openview Network Node Manager vulnerability

4 documents4 sources

Severity

10.0CRITICALNVD

EPSS

3.3%

top 12.67%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

HP Openview Network Node Manager IBM Tivoli Netview

Timeline

PublishedSep 20

Latest updateApr 30

Description

ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDhp/openview_network_node_manager5.01, 6.1+1

▶NVDibm/tivoli_netview5.0, 6.0+1

Patches

Patch: www.cert.org ↗Patch: www.kb.cert.org ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-58wf-w6hc-fcfx: ovactiond in HP OpenView Network Node Manager (NNM) 6↗2022-04-30

▶

CVEList

CVE-2001-0552: ovactiond in HP OpenView Network Node Manager (NNM) 6↗2001-08-29

▶

💥Exploits & PoCs

Exploit-DB

IBM Tivoli NetView 5/6 - OVActionD SNMPNotify Command Execution↗2001-06-08

▶